Covering attack trends that emerged under various data segmentations including industry type, continent of origin of attacks, and time of day, the report focuses on the analyses of five rules considered most important to the WAPPLES’ detection engine, with key elements from the OWASP (Open Web Application Security Project) Top 10: Cross-Site Scripting (XSS), SQL Injection, File Upload, Directory Traversal and Stealth Commanding. Penta Security’s security analysts found that not only did attack trends vary when data was segmented by continent of origin and time of day, but distinct web attack trends also existed across industries. Therefore contextual analysis is critical to effective optimization of security policies.

Different attack types were prominent for specific industries – for example, XSS showed to be prevalent in the Science & Technology industries as well as Social & Community industries as administration of websites belonging to this field tend to be relatively lax. Therefore, many attacks can be expected to target individual PCs and terminals that access these sites. However, File Upload attacks made up a significantly high proportion of attacks within Financial Services, as attackers tend to attempt to gain server system privileges or distribute malicious files to user PCs and terminals via the websites.

DS Kim, Chief Strategy Officer at Penta Security Systems, said, “It is interesting to see how the current web attack trends are not only changing according to different technological advances, but also that hackers are now strategizing to target different industries.” He continued, “The insights provided in the WATT report give corporations and organizations of all industries the information they need to anticipate attacks. By analyzing the data collected from our patented detection engine, we are able to offer valuable knowledge that can hopefully, reconstruct any organization’s security risk profile.”

Other findings include:

Major attack type varies by continent:
Analyzing trends from aggregate attack data is insufficient in revealing insights needed to inform an effective security strategy. While SQL Injection attacks accounted for the highest proportion of attacks overall, Cross-Site Scripting attacks were the most common in Asia.

Primary attackers are launching persistent attacks against few targets:
Primary attacker IPs worldwide were responsible for 30% of all attacks, utilizing SQL Injection and Cross-Site Scripting in three-quarters of their attacks.

The end of the work day is a peak time for attacks:
During the window of time just after typical working hours, the intensity of web attacks more than double. Between 6pm and 7pm local time, the average rate of attacks was 9.4%, as compared to the hourly average of 4.2%.

The WATT report is a complete and detailed overview of detection data gathered from corporations and organizations currently using WAPPLES and Cloudbric. All participants consented to the gathering and dissemination of malicious traffic data during this particular study period (January 1, 2016 to December 31, 2016), and no additional customer information was collected.

The full report, as well as reports from previous years, is available for download here.

About us
Penta Security Systems Inc. is a leader in web, IoT, and data security solutions and services. With 20 years of IT security expertise in powering secured connections, Penta Security is the top cyber security vendor in Asia, as recognized by Frost & Sullivan, and APAC market share leader in the WAF industry. Driving innovations across encryption, authentication, and signature-free firewall detection technology, Penta Security's whole-system approach to security enables resilience in an era of hyper web integration and connectivity. For more information on Penta Security, visit the company website. For partnership inquiries, email info[at]pentasecurity[dot]com.